Vulnerability Operations · Concept 03 · Lightning Console

All KEV-listed

52 findings · sorted by exploitation likelihood
| CVE | Vulnerability | Vendor · Product | Hits | Severity | Status |
|---|---|---|---|---|---|
| CVE-2024-37079 | VMware ESXi authentication bypass: Active Directory integration. Ransomware operators exploiting. | VMware · ESXi | 24 | CRIT 9.8 | awaiting |
| CVE-2024-3400 | PAN-OS GlobalProtect command injection: Critical 10.0. Active in the wild. | Palo Alto · PAN-OS | 45 | CRIT 10.0 | executing |
| CVE-2023-22515 | Confluence broken access control: Atlassian Data Center · ransomware | Atlassian · Confluence | 8 | CRIT 9.8 | closed |
| CVE-2022-26143 | Siemens RUGGEDCOM SSH auth bypass: OT · CCS · veto path | Siemens · RUGGEDCOM | 23 | CRIT 9.8 | OT-veto |
| CVE-2021-44228 | Apache log4j JNDI lookup RCE: Log4Shell. Still appearing. | Apache · Log4j2 | 8 | CRIT 10.0 | closed |
| CVE-2024-21887 | Ivanti Connect Secure cmd injection: SSL VPN · ransomware operators | Ivanti · Connect Secure | 3 | CRIT 9.1 | awaiting |
| CVE-2023-20198 | Cisco IOS-XE Web UI privilege escalation: Famous October 2023 incident | Cisco · IOS-XE | 12 | CRIT 10.0 | closed |
| CVE-2022-22965 | Spring4Shell RCE: Spring Framework JDK 9+ | VMware · Spring | 6 | CRIT 9.8 | executing |
| CVE-2024-1709 | ConnectWise ScreenConnect auth bypass: Remote access · ransomware | ConnectWise · ScreenConnect | 2 | CRIT 10.0 | closed |
| CVE-2024-21412 | Windows SmartScreen bypass: Internet Shortcut spoofing | Microsoft · Windows | 1814 | HIGH 8.1 | closed |

FINDING DETAIL
CVE-2024-37079
VMware ESXi authentication bypass via Active Directory integration. A malicious actor with sufficient AD permissions can gain full access to an ESXi host.
CRIT 9.8 · KEV · RANSOMWARE · VMware

Attribution

CVE ID: CVE-2024-37079
CISA Added: 2024-07-30
Due Date: 2024-08-20
EPSS: 0.84
Ransomware: Known use

Affected assets · 24

mcr-vcenter-east-014 · v7.0.3
mcr-vcenter-west-022 · v7.0.3
mcr-esxi-east-007 · v7.0.3
mcr-esxi-west-012 · v7.0.3
… and 20 more

Agent trace · live

scanner: Ingested CVE-2024-37079 from Defender VM. 24 hosts affected.
threat_intel: KEV=true · EPSS=0.84 · ransomware=true · CISA due 2024-08-20.
patch_hunter: VMware fix located: ESXi 8.0 U2 + 7.0 U3-2024-08. Reliability 0.92.
impact: High-criticality hosts · 24 affected · 8 hosting prod workloads.
planner: 7-step rolling update plan. Rollback validated. Single security approval.
policy_gate: Rule SG-POL-004 → single_approval (security).